Forwarded with permission.

So there *is* a BTNS implementation, after all. Albeit
only for OpenBSD -- but this means FreeBSD is next, and
Linux to follow.

----- Forwarded message from Andreas Davour <> -----

Date: Sun, 8 Sep 2013 09:10:44 -0700 (PDT)
From: Andreas Davour <>
To: Eugen Leitl <>
Subject: [Cryptography] Opening Discussion: Speculation on "BULLRUN"
X-Mailer: YahooMailWebService/
Reply-To: Andreas Davour <>

> Apropos IPsec, I've tried searching for any BTNS (opportunistic encryption 
> mode for
> IPsec) implementations, and even the authors of the RFC are not aware of any. 
> Obviously, having a working OE BTNS implementation in Linux/*BSD would be a 
> very valuable thing, as an added, transparent protection layer against 
> passive attacks. There are many IPsec old hands here, it is probably just a 
> few man-days
> worth of work. It should be even possible to raise some funding for such a 
> project. Any takers?

Hi. I saw this message in the archive, and have not figured out how to reply to 
that one. But I felt this knowledge needed to be spread. Maybe you can post it 
to the list?

My friend "MC" have in fact implemented BTNS! Check this out:

I think I can speak for him and say that he would love to have that 
implementation be known to the others on the list, and would love others to add 
to his work, so we can get real network security without those spooks spoiling 

"My son has spoken the truth, and he has sacrificed more than either the 
president of the United States or Peter King have ever in their political 
careers or their American lives. So how they choose to characterize him really 
doesn't carry that much weight with me." -- Edward Snowden's Father

----- End forwarded message -----
Eugen* Leitl <a href="";>leitl</a>
ICBM: 48.07100, 11.36820
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

Attachment: signature.asc
Description: Digital signature

The cryptography mailing list

Reply via email to